Feature: Simple NetFlow Exporter for Kindnet

[aojea]

Kindnet already has the node conntrack flow information

kindnet/pkg/conntrack/conntrack.go

Lines 177 to 178 in 8d87df6

	// log connecvtions summary
	klog.V(4).Infof("connection: %s\torig: src=%s:%d dst=%s:%d packets=%d bytes=%d -- reply: src=%s:%d dst=%s:%d packets=%d bytes=%d duration=%v",

We need a simple NetFlow exporter for Kindnet that can translate conntrack flow data into NetFlow records and send them to a collector.

The tasks should be something like:

• allow users to define an ipfor a netflow collector
• get the existing conntrack flows, and if a collector is defined, format the data and sent it to the collector
• optimize for efficiency, avoiding impact kindnet performance
• bonus: documentation and/or tutorial on how to use it

Refernce: https://blog.palark.com/kubernetes-services-interaction-monitoring-with-netflow/

[LiorLieberman]

To clarify - you mean to not use ipt-netflow module, instead using the conntrack flow information, correct?

So what did you have in mind is just to allow a user to define a netflow collector url?

format the data and sent it to the collector
What formatting did you think of? Looks like a lot of the nice formatting work (enriching service names and other useful metadata) in the example you attached happens inside the collector itself

[aojea]

yeah, we already have the necessary flow information, just bear in mind these are bidirectional flows, we can also provide metadata about the pods ips, but that can be done after.

Is just to define a collector, format the flow to the corresponding protocol and send it ... maybe we should use IPFIX instead of netflow https://www.rfc-editor.org/rfc/rfc5103.html

Dependencies are important, if we are going to vendor something just check that it brings as little as possible , a quick search give me https://github.com/zoomoid/go-ipfix